PT-2025-40935

Name of the Vulnerable Software and Affected Versions code-projects Online Course Registration version 1.0 Description A flaw exists in code-projects Online Course Registration 1.0 that allows for SQL injection. The issue is located in the file /admin/edit-course.php and involves manipulation of...

EUVD-2025-31448

Malicious code in bioql PyPI...

EUVD-2025-31458

Malicious code in bioql PyPI...

EUVD-2025-28408

Malicious code in bioql PyPI...

EUVD-2025-30755

Malicious code in bioql PyPI...

EUVD-2025-30432

Malicious code in bioql PyPI...

EUVD-2025-29752

Malicious code in bioql PyPI...

EUVD-2025-30400

Malicious code in bioql PyPI...

EUVD-2025-30804

Malicious code in bioql PyPI...

EUVD-2025-28442

Malicious code in bioql PyPI...

EUVD-2025-29116

Malicious code in bioql PyPI...

EUVD-2022-41182

Malicious code in bioql PyPI...

EUVD-2025-30392

Malicious code in bioql PyPI...

CVE-2021-42193

nopCommerce 4.40.3 is vulnerable to XSS in the Product Name at /Admin/Product/Edit/id. Each time a user views the product in the shop, the XSS payload fires...

CVE-2021-42193

CVE-2021-42193 affects nopCommerce 4.40.3 with a stored/reflected XSS in the Product Name field exposed at /Admin/Product/Edit/[id]. The vulnerability is triggered when users view the product in the shop, allowing execution of an XSS payload. The Red Hat, NVD, OSV, and PT-Security entries all des...

PT-2025-40537

Name of the Vulnerable Software and Affected Versions nopCommerce version 4.40.3 Description The software contains a flaw that allows for cross-site scripting XSS in the Product Name field within the '/Admin/Product/Edit/id' API endpoint. When a user views a product in the shop, the XSS payload i...

CVE-2025-11101

A security flaw has been discovered in itsourcecode Open Source Job Portal 1.0. This impacts an unknown function of the file /jobportal/admin/company/index.php?view=edit. Performing manipulation of the argument ID results in sql injection. The attack can be initiated remotely. The exploit has bee...

CVE-2025-11090

A vulnerability was identified in itsourcecode Open Source Job Portal 1.0. Affected is an unknown function of the file /admin/employee/index.php?view=edit. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might...

CVE-2025-11063

A vulnerability was identified in Campcodes Online Learning Management System 1.0. This issue affects some unknown processing of the file /admin/editdepartment.php. The manipulation of the argument d leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly...

CVE-2025-11061

A vulnerability was found in Campcodes Online Learning Management System 1.0. This affects an unknown part of the file /admin/editstudent.php. Performing manipulation of the argument cys results in sql injection. The attack is possible to be carried out remotely. The exploit has been made public...